Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.1

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
171172173174175176177178179180
Templates and Alerts
Creation and Modification of Setuid File Template
Appendix A
161
generating an alert that a setuid file was opened for modification. The template can
also generate a false alert that a setuid file is created even though the file already
exists, and is opened with the create flag and not for modification.
The template cannot always distinguish between when a setuid file is created, and
when an existing setuid file is truncated. The template can therefore generate an
alert that a setuid file is created, instead of generating an alert that a setuid file is
truncated.